The process of deleting user from members list is little more complicated than insert. We input members to array, find user that needs to be deleted and replace the user with “”, then we cleanup the array, and finally we replace members value in LN group document with that new array.

As you might know, Powershell works best with other Microsoft products, like MS Exchange.

Now what happens when you want to connect PS to some non Microsoft products? In my case that was Lotus Notes. The collaboration giant. As you probably know, Lotus has its own LotusScritp language, with whom you may create Lotus databases, agents, users, etc… With it you can do almost anything in Lotus.
Since I like to test and experiment with Powershell, and one of my projects was Powershell script and Exchange, Self-service user portal, I decided to play with Powershell and Lotus Notes. And I must say, I works.

First of all, If you want to connect to Lotus Notes via PS, you must start powershell or PS ISE in 32bit mode.

Once you open the PS or ISE (I’m more of ISE or Visual Code person), you can start connecting to Lotus Notes.

One of my tasks, was to extract an HTML attachment which was sent everyday by our backup system. But with this code, will go through all mail documents in Inbox, and for those that have attachment, it will create a folder for every sender and create date subfolder with attachments in it.

Couple of days ago, I installed new version of Project Honolulu. I added few serves, but one of them reported error connecting.

Error reported WinRM connection failed.

So I tested it with PowerShell

Test-WSMan –ComputerName SERVER01.corp.loc

And yes, there was an error:Test-WSMan : <f:WSManFault xmlns:f=”http://schemas.microsoft.com/wbem/wsman/1/wsmanfault” Code=”2150858770″ Machine=”SOURCEPC.corp.loc”><f:Message>The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: “winrm quickconfig”. </f:Message></f:WSManFault>At line:1 char:1+ Test-WSMan –ComputerName SERVER01.corp.loc+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo : InvalidOperation: (aasv029.uniqa.hr:String) [Test-WSMan], InvalidOperationException+ FullyQualifiedErrorId : WsManError,Microsoft.WSMan.Management.TestWSManCommand

So the first step wast to run the command “winrm quickconfig” on the server, and restarted the service.This didn’t help, so I had to figure something out.

After couple of hours of testing and configuring, I stumbled upon the Technet forum (here).WinRM was listening on port 5985, but only on loopback (127.0.0.1) interface.

Some time ago, I’ve setup internal (AD based) DNS and external DNS for our domain. Now, when you do domain checkup with BIND tools, you will usualy get DNS version. For my external DNS it reported it was Windows server DNS. Now, for that problem (security issues), I found a solution on: http://www.admin-enclave.com/en/solutions/windows/146-hide-microsoft-dns-software-version.html
I is pretty simple, over CMD or over REGEDIT;
dnscmd /config /EnableVersionQuery 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DNS\Parameters\EnableVersionQuery to 0

when Windows 10 came out, I bravely installed it on my business notebook. It works great, except Start menu search. Everything I searched returned blank. So I got couple of days to check what was going on.
I tried repairing Windows with SFC, I tried turning off Cortana, tamper with registry.. but nothing worked.
Then I suspected the GPO. So, I tested one by one, and finally I got to one where we had all our Internet Explorer settings.
After couple hours of trial and error, I got to conclusion that this two settings enabled Windows 10 start menu search:

Allow Website caches and database must be turned on, and I set it up to 50MB (default is 10)

So, since it took me a while to understand that you cannot get scheduled reports from WSUS 3.0, I had a quest to create my own. I searched through SQL database, and WSUS public Views and procedures, but it was time expensive.

Then I stumbled upon PoshWSUS scripts (here). Boeprox created PowerShell scripts, which help to administer WSUS from PowerShell. You can read all about it on his page.

So I needed to create an scheduled report which would periodically send me the status of servers updated by WSUS. And to look nice and shiny, the report will be HTML.

We have a need for self service portal in our IT department. We arranged after work shifts, and if I’m not near my VPN connected PC, I needed to unlock or reset user passwords, or give users the ability to have their mangers do that for them.

I needed unlock or password reset solution for users, that will trigger a script on mail recieve. So I searched for simillar powershell script, and I found it DeployHappiness AD Self Service Portal.
This blog show us how to send SMS to mail, but our provider does not have this kind of service.

Still, this gave me a logic of things, and how to connect ot Exhange via API on specific mailbox, and query that mailbox for specific mails.

Then I needed to make sure that only users from our Organization can request, and that the person requesting is direct or indirect manager of the user.

Example:

IT Admins

John

Dave

Julia

Peter

Sandra

Steve

Angela

David

Jeremy

Marco

IT admins can request Unlock or Reset for everybody
John can request Unlock or Reset for his group (Dave,Julia,Peter,Sandra), but not for himself or Angela’s group.
Angela can request Unlock or Reset for hers group (David,Jeremy,Marco), but not for herself or John’s group.
Julia can request Unlock or Reset for hers group (Peter,Sandra), but not for herself or Dave and Steve.
Jeremy can request Unlock or Reset for Marco, but not for himself or David.

(Hope you got it)

Next on Prerequisites:

Create a user with mail adress

Create Recieve connector on Exchange for server that will host the script

On server that will host a script install Feature: Active Directory module for Window Powershell